
IPFIX Collector: Syslogs exported as IPFIX!

IPFIX is taking the world by storm! Going beyond the standard network traffic exported by routers and switches, you can now get traditional message formats such as syslogs, Microsoft event logs, SNMP traps and more exported as IPFIX! And with our IPFIX collector, reporting on this unified message format is similar to monitoring network traffic.

Do you want quick and easy access to Syslog reporting? What better solution than your NetFlow and IPFIX reporting solution? With IPFIXify, you can export syslogs as IPFIX records. Then, using Scrutinizer Flow Analyzer as your flow reporting solution, you can store, report on, correlate and analyze all of those logs. Check out this list of reports available for Syslog reporting!

Syslog IPFIX report list

  • Syslog: Facility
  • Syslog: Facility by Source
  • Syslog: Severity
  • Syslog: Severity by Source
  • Syslog: Source Details
  • Syslog: Messages
  • Syslog: Top Sources

Need quick and easy granular data and graphing on your syslogs?


So how do we go about exporting logs with IPFIX? We use a configuration file that maps the fields in the logs to the fields in the IPFIX template. An Apache access logs config file is also currently available. Do you need to report on the web page with the most 404 errors? You can do it! A Windows EventLogs config file is available as well. We can even export proprietary message logs. So far we have found no limitations.
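To make the field-to-template mapping concrete, here is an added Python example (not IPFIXify's code or config format) that parses one BSD-style syslog line and encodes it as an IPFIX message per RFC 7011. The element IDs, the documentation enterprise number 32473, the 1024-byte text cap and the sample line are assumptions chosen for illustration.

```python
import re
import struct

EXAMPLE_PEN = 32473   # RFC 5612 documentation enterprise number (assumption)
TEMPLATE_ID = 256     # lowest Set ID that IPFIX allows for data records
# Hypothetical enterprise-specific elements: (element id, length, record key).
# 0xFFFF marks a variable-length field (RFC 7011, section 7).
FIELDS = [(1, 1, "facility"), (2, 1, "severity"),
          (3, 0xFFFF, "host"), (4, 0xFFFF, "message")]
MAX_TEXT = 1024       # cap untrusted text so one record cannot overflow a set

SYSLOG_RE = re.compile(r"<(\d{1,3})>\w{3} [ \d]\d \d\d:\d\d:\d\d (\S+) (.*)")

def parse_syslog(line):
    """Split a BSD-style (RFC 3164) line into the fields the template names."""
    m = SYSLOG_RE.match(line)
    if not m or int(m.group(1)) > 191:      # PRI = facility * 8 + severity
        raise ValueError("not a valid syslog line")
    pri = int(m.group(1))
    return {"facility": pri >> 3, "severity": pri & 7,
            "host": m.group(2), "message": m.group(3)}

def encode_field(value, length):
    """Fixed-length fields are one unsigned byte here; text gets a length prefix."""
    if length != 0xFFFF:
        return struct.pack("!B", value)
    data = value.encode("utf-8")[:MAX_TEXT]   # byte-level truncation of long text
    prefix = bytes([len(data)]) if len(data) < 255 else b"\xff" + struct.pack("!H", len(data))
    return prefix + data

def template_set():
    body = struct.pack("!HH", TEMPLATE_ID, len(FIELDS))
    for ie_id, length, _ in FIELDS:
        # High bit set = enterprise-specific element, followed by the PEN.
        body += struct.pack("!HHI", 0x8000 | ie_id, length, EXAMPLE_PEN)
    return struct.pack("!HH", 2, 4 + len(body)) + body   # Set ID 2 = template set

def data_set(record):
    body = b"".join(encode_field(record[key], length) for _, length, key in FIELDS)
    return struct.pack("!HH", TEMPLATE_ID, 4 + len(body)) + body

def ipfix_message(line, export_time, sequence=0, domain_id=1):
    sets = template_set() + data_set(parse_syslog(line))
    header = struct.pack("!HHIII", 10, 16 + len(sets), export_time, sequence, domain_id)
    return header + sets

# Constructed sample line, not taken from a real device.
SAMPLE = "<34>Oct 11 22:14:15 fw01 sshd[411]: Failed password for admin from 192.0.2.10"
```

The collector needs the template set only once per session; later messages can carry data sets alone, which is where the structured format saves parsing work.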

What’s next? With the ability to turn virtually any text log file into IPFIX exports, the sky’s the limit. If your firewall doesn’t support NetFlow or IPFIX but it can export syslogs, no problem: IPFIXify it with the Flow Replicator! Once the messages have been received from across the infrastructure, they can be correlated and made available for:

  • Security analytics – threat detection
  • Security audits – data investigation
  • Compliance – data warehousing

Use IPFIXify to improve your company’s security posture and increase C-level confidence that confidential assets are being protected. No transport technology to date scales better, not only for transmitting data over the network but also for optimized query times, because unlike traditional message formats, IPFIX takes advantage of structured data. NO MORE PARSING LOGS!

What logs do you want to export to your IPFIX collector? Let us know and we can help. One last thing: for consumers or for vendors who want to ship it with their hardware/software, it’s absolutely FREE.